Forum for Science, Industry and Business

Sponsored by:     3M 
Search our Site:

 

Injecting Malicious Code Into HTML5-Based Apps

10.04.2014

Scanning 2D barcodes, finding free Wi-Fi access points, sending SMS messages, listening to music, and watching MP4 videos: these are very common activities that we do using our smartphones.

Can you imagine that simply doing these things can get your smarphones infected with "worms" that can not only steal personal information from your phone, but also infect your friends's phones.

Sound scary? It will not be long before worms like this spread among smartphones. What makes the attacks feasible is an emerging technology called HTML5-based app development, and it has been rapidly gaining popularity in the mobile industry.

When the adoption of this technology reaches certain threshold, attacks like this will become quite common, unless we do something to stop it. A recent Gartner report says that by 2016, fifty percent of the mobile apps will be using HTML5-based technologies.

What platforms are affected?

All major mobile systems will be affected, including Android, iOS, Blackberry, Windows Phone, etc., because they all support HTML5-based mobile apps.

A notorious problem of the HTML5-based technology is that malicious code can be easily injected into the program and get executed. That is why the Cross-Site Scripting (XSS) attack is still one of the most common attacks in the Web.

XSS attacks can only target at web applications through a single channel (i.e. the Internet), but with the adoption of the same technology in mobile devices, we have found out that a similar type of attack can not only be launched against mobile apps, it can attack from many channels, including 2D barcode, Wi-Fi scanning, Bluetooth pairing, MP3 songs, MP4 videos, SMS messages, NFC tags, Contact list, etc. As long as an HTML5-based app displays information obtained from outside or from anohter app, it may be a potential victim.

Chris Hittinger | EurekAlert!
Further information:
http://www.cis.syr.edu/~wedu/attack/

More articles from Information Technology:

nachricht Superfast fluorescence sets new speed record
27.07.2015 | Duke University

nachricht Two crystals are better than one
22.07.2015 | The Agency for Science, Technology and Research (A*STAR)

All articles from Information Technology >>>

The most recent press releases about innovation >>>

Die letzten 5 Focus-News des innovations-reports im Überblick:

Im Focus: On the crest of the wave: Electronics on a time scale shorter than a cycle of light

Physicists from Regensburg and Marburg, Germany have succeeded in taking a slow-motion movie of speeding electrons in a solid driven by a strong light wave. In the process, they have unraveled a novel quantum phenomenon, which will be reported in the forthcoming edition of Nature.

The advent of ever faster electronics featuring clock rates up to the multiple-gigahertz range has revolutionized our day-to-day life. Researchers and...

Im Focus: Superfast fluorescence sets new speed record

Plasmonic device has speed and efficiency to serve optical computers

Researchers have developed an ultrafast light-emitting device that can flip on and off 90 billion times a second and could form the basis of optical computing.

Im Focus: Unlocking the rice immune system

Joint BioEnergy Institute study identifies bacterial protein that is key to protecting rice against bacterial blight

A bacterial signal that when recognized by rice plants enables the plants to resist a devastating blight disease has been identified by a multi-national team...

Im Focus: Smarter window materials can control light and energy

Researchers in the Cockrell School of Engineering at The University of Texas at Austin are one step closer to delivering smart windows with a new level of energy efficiency, engineering materials that allow windows to reveal light without transferring heat and, conversely, to block light while allowing heat transmission, as described in two new research papers.

By allowing indoor occupants to more precisely control the energy and sunlight passing through a window, the new materials could significantly reduce costs for...

Im Focus: Simulations lead to design of near-frictionless material

Argonne scientists used Mira to identify and improve a new mechanism for eliminating friction, which fed into the development of a hybrid material that exhibited superlubricity at the macroscale for the first time. Argonne Leadership Computing Facility (ALCF) researchers helped enable the groundbreaking simulations by overcoming a performance bottleneck that doubled the speed of the team's code.

While reviewing the simulation results of a promising new lubricant material, Argonne researcher Sanket Deshmukh stumbled upon a phenomenon that had never been...

All Focus news of the innovation-report >>>

Anzeige

Anzeige

Event News

3rd Euro Bio-inspired - International Conference and Exhibition on Bio-inspired Materials

23.07.2015 | Event News

Clash of Realities – International Conference on the Art, Technology and Theory of Digital Games

10.07.2015 | Event News

World Conference on Regenerative Medicine in Leipzig: Last chance to submit abstracts until 2 July

25.06.2015 | Event News

 
Latest News

Intracellular microlasers could allow precise labeling of a trillion individual cells

30.07.2015 | Life Sciences

Real-time imaging of lung lesions during surgery helps localize tumors and improve precision

30.07.2015 | Health and Medicine

New study exposes negative effects of climate change on Antarctic fish

30.07.2015 | Life Sciences

VideoLinks
B2B-VideoLinks
More VideoLinks >>>